CN112685293A - Testing method of encryption interface and related equipment - Google Patents

Testing method of encryption interface and related equipment

Info

Publication number: CN112685293A
Authority: CN (China)
Prior art keywords: interface, tested, encryption, token, test
Legal status: Pending
Application number: CN202011550889.2A
Other languages: Chinese (zh)
Inventor: 黄青青
Current Assignee: Ping An Puhui Enterprise Management Co Ltd
Original Assignee: Ping An Puhui Enterprise Management Co Ltd
Landscapes: Storage Device Security
Abstract

The application relates to the technical field of interface testing, and provides a testing method of an encryption interface and related equipment, wherein the method comprises the following steps: obtaining a token corresponding to an interface to be tested, and storing the token in a test tool; generating entry information according to the token and the interface entry of the interface to be tested; calling an Advanced Encryption Standard (AES) encryption and decryption package and the token stored in the test tool to encrypt the entry information; inputting the encrypted entry information to the interface to be tested, and receiving an encrypted return result fed back by the interface to be tested; calling the AES encryption and decryption package, decrypting the encrypted return result to obtain a plaintext return result, and determining the test result of the interface to be tested based on the return result. By implementing the method and the device, the encryption interface can be tested in the real environment, the effectiveness of the test is ensured, and the complexity of the test process is reduced.

Description

Testing method of encryption interface and related equipment
Technical Field
The present application relates to the field of interface testing technologies, and in particular, to a testing method for an encryption interface and a related device.
Background
With the rapid development of information technology, people pay more and more attention to information security. At present, many systems use a blind type encryption mode in interface design to ensure the safety and reliability of information during transmission. The most common symmetric encryption and decryption algorithm in software development is currently AES (Advanced Encryption Standard); correspondingly, during testing, some cases require a performance stress test on encrypted interfaces.
However, when jmeter (a java-based stress testing tool) is used to perform an interface stress test, many existing testing methods temporarily turn off the interface's encryption and decryption service, that is, they run the performance stress test against an unencrypted interface. This mode of operation cannot truly simulate an interface in a production environment and does not meet the goal of testing the online interface.
In addition, the encryption and decryption key is currently obtained from a dynamically changing token: in general, the last 16 bits of the token can be used as the key for encryption and decryption. However, the token expires at intervals, so a new token has to be obtained and substituted into the jmeter script file before testing can continue, which greatly increases the testing complexity and reduces the testing timeliness.
Therefore, how to simulate the real interface encryption and decryption process to realize the performance stress test of the encryption and decryption interface and reduce the complexity of the stress test is an urgent problem to be solved.
Disclosure of Invention
In view of the above, the present application is proposed to provide a testing method of an encryption interface and a related device that overcome or at least partially solve the above problems.
In a first aspect, an embodiment of the present application provides a method for testing an encryption interface, which may include:
obtaining a token corresponding to an interface to be tested, and storing the token into a testing tool;
generating entry information according to the token and the interface entry of the interface to be tested;
calling an Advanced Encryption Standard (AES) encryption and decryption package and the token stored in the test tool to encrypt the entry information;
inputting the encrypted entry information to the interface to be tested, and receiving an encrypted return result fed back by the interface to be tested;
calling the AES encryption and decryption package, decrypting the encrypted return result to obtain a plaintext return result, and determining the test result of the interface to be tested based on the return result.
In one possible implementation manner, the determining a test result of the interface to be tested based on the returned result includes:
comparing the returned result with an expected result corresponding to the entry information; if the returned result is the same as the expected result, determining that the returned result is correct and that the test result of the interface to be tested is a pass; and if the returned result is different from the expected result, determining that the returned result is incorrect and that the test result of the interface to be tested is a failure.
In a possible implementation manner, the obtaining a token corresponding to an interface to be tested includes:
sending a request to the interface to be tested to acquire the return information of the interface to be tested;
and obtaining the token from the return information through a regular expression extractor.
In one possible implementation manner, the calling the AES encryption and decryption package and the token stored in the test tool to encrypt the entry information includes:
extracting part or all of the token;
calling the AES encryption and decryption package placed in the test tool, and encrypting the entry information by using part or all of the token as an encryption key.
In one possible implementation manner, the calling the AES encryption and decryption package to decrypt the encrypted return result includes:
calling the AES encryption and decryption package, and using part or all of the token as a decryption key to decrypt the encrypted return result.
In one possible implementation, the method further includes:
setting the user concurrency number corresponding to the interface to be tested through the testing tool; the interface to be tested comprises one or more of a login interface, a conversion rate interface and a permission configuration interface.
In one possible implementation, the AES encryption and decryption package is stored under the lib directory of the test tool; the test tool is jmeter.
In a second aspect, an embodiment of the present application provides a device for testing an encryption interface, where the device includes:
the acquisition unit is used for obtaining a token corresponding to an interface to be tested and storing the token in a test tool;
the generating unit is used for generating entry information according to the token and the interface entry of the interface to be tested;
the encryption unit is used for calling an Advanced Encryption Standard (AES) encryption and decryption package and the token stored in the test tool to encrypt the entry information;
the receiving unit is used for inputting the encrypted entry information to the interface to be tested and receiving an encrypted return result fed back by the interface to be tested;
and the decryption unit is used for calling the AES encryption and decryption package, decrypting the encrypted return result to obtain a plaintext return result, and determining the test result of the interface to be tested based on the return result.
In a possible implementation manner, the decryption unit is specifically configured to:
comparing the returned result with an expected result corresponding to the entry information; if the returned result is the same as the expected result, determining that the returned result is correct and that the test result of the interface to be tested is a pass; and if the returned result is different from the expected result, determining that the returned result is incorrect and that the test result of the interface to be tested is a failure.
In a possible implementation manner, the obtaining unit is specifically configured to:
sending a request to the interface to be tested to acquire the return information of the interface to be tested;
and obtaining the token from the return information through a regular expression extractor.
In a possible implementation manner, the encryption unit is specifically configured to:
extracting part or all of the token;
calling the AES encryption and decryption package placed in the test tool, and encrypting the entry information by using part or all of the token as an encryption key.
In a possible implementation manner, the decryption unit is specifically configured to:
calling the AES encryption and decryption package, and using part or all of the token as a decryption key to decrypt the encrypted return result.
In one possible implementation, the apparatus further includes:
the setting unit is used for setting the user concurrency number corresponding to the interface to be tested through the testing tool; the interface to be tested comprises one or more of a login interface, a conversion rate interface and a permission configuration interface.
In one possible implementation, the AES encryption and decryption package is stored under the lib directory of the test tool; the test tool is jmeter.
In a third aspect, an embodiment of the present application provides a computer device, including a storage component, a processing component and a communication component, where the storage component, the processing component and the communication component are connected to each other, where the storage component is used to store a computer program, and the communication component is used to perform information interaction with an external device; the processing component is configured to invoke a computer program to perform the method according to the first aspect, which is not described herein again.
In a fourth aspect, an embodiment of the present application provides a computer-readable storage medium, where a computer program is stored in the computer-readable storage medium, and the computer program is executed by a processor to implement the method in the first aspect, which is not described herein again.
According to the method and the device, the AES encryption and decryption package can be introduced into the test tool, so that it can be called directly when the entry information and the returned results are subsequently encrypted and decrypted. This simulates the online encryption and decryption process of the interface and keeps the test environment of the interface consistent with the real online environment. Compared with prior-art schemes, which often turn off the encryption and decryption service of the interface during interface testing and so detach the test from actual conditions, this application greatly improves the validity of the test and the credibility of the test result. In addition, the dynamically changing token is stored in the testing tool, so that subsequent steps can call it directly without reacquiring the token, which greatly reduces the complexity of the testing process and the workload of testing personnel.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments or the background art of the present application, the drawings required to be used in the embodiments or the background art of the present application will be described below.
Fig. 1 is a schematic system architecture diagram of a testing method for an encryption interface according to an embodiment of the present application;
fig. 2 is a schematic flowchart of a testing method for an encryption interface according to an embodiment of the present application;
fig. 3 is a schematic flowchart of another testing method for an encryption interface according to an embodiment of the present application;
fig. 4 is a schematic structural diagram of a testing apparatus for an encryption interface according to an embodiment of the present disclosure;
fig. 5 is a schematic structural diagram of a computer device according to an embodiment of the present application.
Detailed Description
The embodiments of the present application will be described below with reference to the drawings.
The terms "first," "second," and "third," etc. in the description and claims of this application and in the accompanying drawings are used for distinguishing between different objects and not for describing a particular order. Furthermore, "include" and "have" and any variations thereof, are intended to cover non-exclusive inclusions. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not limited to only those steps or elements listed, but may alternatively include other steps or elements not listed, or inherent to such process, method, article, or apparatus.
Reference herein to "an embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment can be included in at least one embodiment of the application. The appearances of the phrase in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. It is explicitly and implicitly understood by one skilled in the art that the embodiments described herein can be combined with other embodiments.
As used in this application, the terms "server," "unit," "system," and the like are intended to refer to a computer-related entity, either hardware, firmware, a combination of hardware and software, or software in execution. For example, a server may be, but is not limited to, a processor, a data processing platform, a computing device, a computer, two or more computers, and the like.
First, some terms in the present application are explained so as to be easily understood by those skilled in the art.
(1) jmeter (a java-based stress test tool) can be used to stress test an interface. In particular, jmeter may be used to test static and dynamic resources, such as static files, Java servlets, Common Gateway Interface (CGI) scripts, Java objects, databases, File Transfer Protocol (FTP) servers, and so forth. jmeter can be used to simulate huge loads on servers, networks or objects, test their strength and analyze the overall performance under different stress classes. In addition, jmeter can also perform functional/regression testing of an application by creating a script with assertions to verify that the program returns the expected result. For maximum flexibility, jmeter allows assertions to be created using regular expressions.
(2) A token is usually a string of characters generated at the server. If the front end uses a user name/password to request authentication from the server and the server authenticates it successfully, the server returns the token to the front end. The front end may then carry the token on each request to prove its legitimacy. It should be noted that the token has an expiration date, that is, the token changes dynamically.
(3) Advanced Encryption Standard (AES) is a common symmetric encryption algorithm. The encryption key and the decryption key used by a symmetric encryption algorithm are the same key.
Next, a system architecture of a test method for an encryption interface on which the embodiments of the present application are based is described.
Referring to fig. 1, fig. 1 is a schematic diagram of a system architecture of a testing method for an encryption interface according to an embodiment of the present application. As shown in fig. 1, the system architecture may include a computer device 101 (exemplified by a desktop computer in fig. 1) and a server 201. For the computer device 101 that needs to perform the interface test, the interface test function provided by the embodiment of the application may be directly integrated on the computer device 101, or a client for implementing the method of the embodiment of the application may be installed on the computer device 101. Or, the interface testing method provided by the present application may also be executed on a device such as the server 201 in a form of a Software Development Kit (SDK), an interface of an interface testing function is provided in a form of the SDK, the computer device 101 or another device may implement processing of an abnormal application through the provided interface, and the like, which is not specifically limited in this embodiment of the present application. The computer device 101 may establish a connection with the server 201 in a wired or wireless manner, where the server 201 may be one server, or may be a server cluster composed of multiple servers, or a cloud computing service center, and the like, which is not specifically limited in this embodiment of the present application.
In the following, taking the computer device 101 as an example, the method for testing an encryption interface provided in the embodiment of the present application is described in detail. Specifically, in order to simulate the online encryption and decryption process of the interface and test the encryption interface, the computer device 101 may first store the encryption and decryption package needed during the test in the test tool. The test tool may be jmeter (a java-based open source stress test tool), the encryption and decryption package may be an AES encryption and decryption package, and the AES encryption and decryption package may include an AES encryption algorithm and an AES decryption algorithm. Optionally, the AES encryption and decryption package may be placed in the lib directory of the jmeter so that it can be called directly when encryption and decryption are performed later. It should be noted that the interface to be tested is an interface with encryption and decryption services, for example, a login interface, a conversion rate interface, an authority configuration interface, and the like, which is not specifically limited in this embodiment of the present application. Then, the computer device 101 may obtain a token corresponding to the interface to be tested, and store the token in the jmeter to be called in the subsequent encryption and decryption process. The computer device 101 may generate the entry information according to the token and the interface entry of the interface to be tested (for example, the interface entry of the login interface may include a user name and a password, etc.). Then, the computer device 101 may call the AES encryption and decryption package and the token stored in the jmeter in advance, and encrypt the entry information.
Optionally, the computer device 101 may extract the last 16 bits of the token and encrypt the entry information using them as the encryption key. Then, the computer device 101 may input the encrypted entry information to the interface to be tested, and receive an encrypted return result fed back by the interface to be tested. Finally, the computer device 101 may call the AES encryption and decryption package and decrypt the encrypted return result using the last 16 bits of the token as the decryption key, resulting in a plaintext return result. In this way, the computer device 101 may determine the test result of the interface to be tested based on the returned result and the expected result corresponding to the entry information. For example, taking a login interface as an example, if the entry information includes a correct user name and a correct password, the expected result returned by the interface to be tested should be a successful login; if the actually obtained returned result is different from the expected result, this may indicate that the interface to be tested does not pass the test, and a worker needs to correct it; otherwise, if the actually obtained returned result is the same as the expected result, this may indicate that the interface to be tested passes the test, and so on, which is not described herein again.
Optionally, after the encryption and decryption test is completed for the interface to be tested (i.e. it has been verified whether the interface to be tested can return a correct result based on the entry information), a stress test may further be performed on the interface to verify its performance. Specifically, the thread number, that is, the number of concurrent users of the interface, may be set according to the requirement or the performance index, and multiple users may be simulated calling the same interface at the same time, so as to achieve the purpose of performance stress testing. During the stress test, the performance inflection point of the interface to be tested can be found by observing how the performance of the interface changes. It should be noted that the performance inflection point refers to the number of concurrent users at which the best number of Transactions Per Second (TPS) is obtained during the performance stress test, which gives the best index for the interface stress test. Optionally, after the stress test on the interface to be tested is completed, the computer device may further output a stress test report, so that a worker can better grasp the performance status of the interface, continuously optimize the interface, and the like.
As described above, the computer device in the embodiment of the present application may include, but is not limited to, any electronic product based on an intelligent operating system, which can perform human-computer interaction with a user through an input device such as a keyboard, a virtual keyboard, a touch pad, a touch screen, and a voice control device, such as a smart phone, a tablet computer, a notebook computer, and a desktop computer, which have the above interface testing function. Smart operating systems include, but are not limited to, any operating system that enriches device functionality by providing various mobile applications to a mobile device, such as Android™, iOS™, Windows Phone™, and the like. The computer device in this embodiment of the present application may also be one or more servers (a plurality of servers may form a server cluster) having the above interface testing function, and the like, which is not specifically limited in this embodiment of the present application.
It should also be understood that the system architecture of the test method for the encryption interface shown in fig. 1 is only a partial exemplary implementation manner in the embodiment of the present application, and the system architecture of the test method for the encryption interface in the embodiment of the present application includes, but is not limited to, the system architecture of the test method for the encryption interface above.
Referring to fig. 2, fig. 2 is a schematic flowchart illustrating a testing method for an encryption interface according to an embodiment of the present disclosure. The method is applicable to the system of fig. 1 described above and is described below, in connection with fig. 2, from the side of the computer device 101 alone. The method may include the following steps S201 to S203.
Step S201: obtaining a token corresponding to the interface to be tested, and storing the token in a test tool.
Specifically, the computer device may send a request to the interface to be tested, and then obtain the return information of the interface to be tested.
For example, the interface to be tested may be a login interface, and the return information of the interface to be tested may include a login name, account authority, cookie (data (usually encrypted) stored on the user's local terminal by some websites for identifying and tracking the user's identity), token (token), and the like. Optionally, the computer device may obtain a token from the return information of the interface to be tested through the regular expression extractor, and store the obtained token in a test tool (such as the java-based stress test tool jmeter) for invocation in a subsequent encryption and decryption process. Optionally, the interface to be tested related to in the embodiment of the present application may be an interface for related page call, such as a login interface, a conversion rate interface, an authority configuration interface, and the like, and the interface to be tested may be an interface with an encryption and decryption function, and the encryption and decryption algorithm related to the interface to be tested may be an AES encryption and decryption algorithm, and the like, which is not specifically limited in the embodiment of the present application.
It should be noted that, because the token changes dynamically, that is, the token has an expiration date, prior-art interface testing methods often need to obtain a new token after the original token expires and then substitute the new token into the jmeter script file for testing, which greatly increases the complexity of testing and reduces its timeliness. However, as described above, in the embodiment of the present application, the dynamically changing token can be stored in the test tool, so that the token can be called directly in the subsequent encryption and decryption processes; this reduces the complexity of the test flow and the workload of the tester, and improves the test efficiency.
Step S202: generating the entry information according to the token and the interface entry of the interface to be tested.
Specifically, the computer device generates the entry information according to the obtained token and the interface entry of the interface to be tested.
Optionally, the computer device may directly call the dynamically changing token stored in the testing tool, and splice the token with the interface entry of the interface to be tested, so as to obtain the complete entry information. Optionally, in some possible implementations, the computer device may instead splice a part of the token (e.g., the last 16 bits of the token, etc.) with the interface entry of the interface to be tested, so as to obtain the complete entry information, and so on. For example, the interface to be tested may be a login interface, and the interface entry of the interface to be tested may be a user name and password, and so on.
For example, an example of splicing the interface entry and the token to obtain the complete entry information is as follows:
aes_tokenUM=umid+'_'+aes_token,
"{\"date\":\"2020-06-19\",\"organizeId\":\"0\",\"productType\":\"unmortgage_credit_ps\",\"duration\":\"7\",\"deviceType\":\"PC\",\"authorization\":\""+aes_tokenUM+"\"}";
wherein umid (UMID, User Management ID, user management identification number) is the interface entry described herein, and aes_token is the token used for splicing described herein.
Step S203: calling the Advanced Encryption Standard (AES) encryption and decryption package and the token stored in the test tool to encrypt the entry information.
Specifically, after obtaining the complete entry information, the computer device may use a pre-written script to call the AES encryption and decryption package stored in the test tool and the token stored in the test tool to encrypt the entry information, so as to obtain the encrypted entry information.
Optionally, when testing an AES-encrypted interface, the computer device may put the AES encryption and decryption package (e.g., AES_RSA_signutils.jar) required in the encryption and decryption process under the lib directory of the jmeter (the shared program library directory under the root directory) in advance. Optionally, the computer device may also place other required packages (e.g., packages for converting json into a string, etc.) under the lib directory of the jmeter as well, so that they can be called directly later.
Optionally, after obtaining the token corresponding to the interface to be tested, the computer device may extract part or all of the token, and subsequently use that part or all of the token as an encryption key to encrypt the entry information through the AES encryption and decryption package, thereby obtaining the encrypted entry information. For example, the last 16 bits of the token may be extracted and the entry information may then be encrypted using the last 16 bits of the token as an encryption key. For another example, in some possible implementations, the last 8 bits, the last 12 bits, or the first 16 bits, etc. of the token may also be extracted and used as the encryption key with which the AES encryption and decryption package encrypts the entry information, so as to obtain the encrypted entry information, and the like, which is not specifically limited in this embodiment of the present application.
Step S204: inputting the encrypted entry information to the interface to be tested, and receiving an encrypted return result fed back by the interface to be tested.
Specifically, the computer device inputs the encrypted entry information to the interface to be tested, and receives the encrypted return result fed back by the interface to be tested. It can be understood that, because the interface to be tested in the present application is an interface with encryption and decryption services, the interface to be tested may decrypt the encrypted entry information that is input, and feed back an encrypted return result according to the entry information.
Step S205: calling the AES encryption and decryption package, decrypting the encrypted return result to obtain a plaintext return result, and determining the test result of the interface to be tested based on the return result.
Specifically, as described above, the computer device may call the AES encryption and decryption package stored in the test tool through a pre-written script, and decrypt the encrypted return result using the extracted part or all of the token (e.g., the last 16 bits of the token) as a decryption key, thereby obtaining a plaintext return result. The computer device may then determine a test result for the interface to be tested based on the returned result.
Optionally, the computer device may determine the test result of the interface to be tested according to the expected result corresponding to the entry information input into the interface to be tested and the actual return result obtained in the test. For example, the expected result may be compared with the returned result obtained in the test. If the returned result is the same as the expected result, it may be determined that the returned result fed back by the interface to be tested is correct, the test result of the interface to be tested is a pass, and its function meets the requirement. If the returned result is different from the expected result, it can be determined that the returned result fed back by the interface to be tested is incorrect, the test result of the interface to be tested is a failure, and the function of the interface to be tested has defects; a worker then needs to correct the interface to be tested so that it can correctly feed back the expected result according to the entry information.
For example, still taking the login interface as an example, in general, if the entry information input to the interface to be tested is the correct user name and password, the result should be login success, that is, the expected result (the correct return result) fed back by the interface should be "login success". If the return result obtained by the test is some other result different from the expected result, such as "login failure" or "user name does not exist", it may be determined that the return result of the interface to be tested is incorrect; otherwise, if the return result obtained by the test is "login success", the return result of the interface to be tested can be determined to be correct. For another example, if the entry information input to the interface to be tested is a wrong user name and password, the result should be login failure, that is, the expected result (the correct return result) fed back by the interface should be "login failure". If the return result obtained by the test is some other result different from the expected result, such as "login success", it may be determined that the return result of the interface to be tested is wrong; otherwise, if the return result obtained by the test is "login failure", the return result of the interface to be tested can be determined to be correct.
Referring to fig. 3, fig. 3 is a schematic flowchart illustrating another testing method for an encryption interface according to an embodiment of the present application. The method is applicable to the system of fig. 1 described above, and is described below in connection with fig. 3 from the side of the computer device 101. The method may comprise the following steps S301-S306.
Step S301: set the number of threads.
Specifically, in order to verify the performance of the interface, a stress test may be performed on the interface to be tested. According to the test requirement or the performance index, a corresponding number of threads may first be set for the interface to be tested, that is, the number of concurrent users of the interface to be tested is set, so that a plurality of users can be simulated calling the same interface to be tested at the same time, which achieves the purpose of performance stress testing. During the stress test, the performance change of the interface to be tested can be observed by continuously changing the number of threads, and the performance inflection point of the interface to be tested can be found. It should be noted that the performance inflection point refers to the number of concurrent users at which the best number of transactions executed per second (TPS) is obtained during the performance stress test; details are not described herein.
Optionally, in the embodiment of the present application, a single thread may be set first to complete an encryption and decryption test on the interface to be tested. After the encryption and decryption test, that is, after it is verified that the interface to be tested feeds back the correct expected result according to the entry information, the interface to be tested may be further subjected to a stress test. The encryption and decryption processes involved in the stress test may refer to the description in the embodiment corresponding to fig. 2; the only difference is that the stress test also considers the number of concurrent users as a variable. Optionally, in the embodiment of the present application, multiple threads may be set from the start according to the test index so as to perform a stress test on the interface to be tested; this is not specifically limited in the embodiment of the present application.
Step S302: log in and dynamically obtain the token.
Specifically, step S302 may refer to the embodiment corresponding to step S201 in fig. 2, which is not described herein again. Optionally, taking a login interface as an example of the interface to be tested, the computer device may obtain the return information of the interface by sending a login request to the login interface, and may then obtain the dynamic token from the return information by using the regular expression extractor.
Step S303: extract the last 16 bits of the token.
Specifically, step S303 may refer to the embodiment corresponding to step S203 in fig. 2, which is not described herein again.
Optionally, as shown in fig. 3, in a BeanShell (a Java source interpreter) pre-processor, the obtained token may be truncated so that only the last 16 bits are kept; these last 16 bits of the token serve as the encryption key and decryption key for the subsequent encryption and decryption. Alternatively, the last 8 bits or the first 16 bits of the token may be extracted and used as the encryption key and decryption key for subsequent encryption and decryption; this is not specifically limited in this embodiment of the application.
Step S304: concatenate the token and the interface input parameters to obtain the entry information.
Specifically, step S304 may refer to the embodiment corresponding to step S202 in fig. 2, which is not described herein again.
Step S305: AES-encrypt the entry information and input the encrypted entry information to the interface.
Specifically, step S305 may refer to the embodiment corresponding to step S204 in fig. 2, which is not described herein again.
Step S306: AES-decrypt the encrypted return result fed back by the interface.
Specifically, step S306 may refer to the embodiment corresponding to step S205 in fig. 2, which is not described herein again.
It can be understood that, since the interface to be tested targeted by the present application is an interface with encryption and decryption services, and these services are not turned off during testing so as to simulate a real environment, the return result fed back directly by the interface to be tested is encrypted. However, to verify the correctness of the interface's return result, an assertion generally needs to be made on the return result. Therefore, to determine whether the return result is correct, as shown in fig. 3, the AES encryption and decryption package may be called in a BeanShell (a Java source interpreter) assertion, and the extracted last 16 bits of the token may be used as the decryption key to decrypt the encrypted return result and obtain a plaintext return result.
Step S307: determine whether the return result is correct.
Specifically, step S307 may refer to the embodiment corresponding to step S205 in fig. 2, which is not described herein again.
In summary, according to the embodiment of the application, the AES encryption and decryption package can be introduced into the test tool so that it can be called directly when the entry information is encrypted and the return result is decrypted. This simulates the encryption and decryption that the interface performs in production and keeps the test environment of the interface consistent with the real online environment. Compared with prior-art schemes, in which the encryption and decryption services of the interface are often turned off during interface testing so that the test departs from actual conditions, this application greatly improves the validity of the test and the credibility of the test result. In addition, the dynamically changing token is stored in the test tool so that it can be used directly in the subsequent encryption and decryption steps, which greatly reduces the complexity of the test flow and the workload of testers.
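The flow of steps S303-S307, as an added example in Java (the language BeanShell interprets); it is not code from the patent. The patent does not specify the AES mode, the encoding, or how the token and parameters are spliced, so AES-128-GCM with a random nonce, Base64 framing, the `token&params` layout, the reading of "last 16 bits" as the last 16 characters of the token, and `mockLoginInterface` (a hypothetical stand-in for the interface to be tested, with constructed credentials) are all assumptions.

```java
import javax.crypto.Cipher;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.Base64;

public class EncryptedInterfaceTest {
    private static final SecureRandom RNG = new SecureRandom();
    private static final int NONCE_LEN = 12, TAG_BITS = 128;

    // S303. Assumption: "last 16" is read as the last 16 characters of an ASCII
    // token, which yields a 16-byte AES-128 key.
    static SecretKeySpec keyFromToken(String token) {
        if (token == null || token.length() < 16)
            throw new IllegalArgumentException("token shorter than 16 characters");
        String tail = token.substring(token.length() - 16);
        return new SecretKeySpec(tail.getBytes(StandardCharsets.US_ASCII), "AES");
    }

    // Assumed wire format: Base64(12-byte random nonce || ciphertext || 16-byte tag).
    static String encrypt(SecretKeySpec key, String plaintext) throws GeneralSecurityException {
        byte[] nonce = new byte[NONCE_LEN];
        RNG.nextBytes(nonce);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, nonce));
        byte[] ct = c.doFinal(plaintext.getBytes(StandardCharsets.UTF_8));
        byte[] out = new byte[NONCE_LEN + ct.length];
        System.arraycopy(nonce, 0, out, 0, NONCE_LEN);
        System.arraycopy(ct, 0, out, NONCE_LEN, ct.length);
        return Base64.getEncoder().encodeToString(out);
    }

    // Throws if the key is wrong or the message was altered (GCM tag mismatch).
    static String decrypt(SecretKeySpec key, String b64) throws GeneralSecurityException {
        byte[] in = Base64.getDecoder().decode(b64);
        if (in.length < NONCE_LEN + TAG_BITS / 8)
            throw new GeneralSecurityException("message too short");
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, in, 0, NONCE_LEN));
        byte[] pt = c.doFinal(in, NONCE_LEN, in.length - NONCE_LEN);
        return new String(pt, StandardCharsets.UTF_8);
    }

    // Hypothetical stand-in for the login interface to be tested: it derives the
    // same key from the token it issued and answers with an encrypted result.
    static String mockLoginInterface(String issuedToken, String encryptedEntry)
            throws GeneralSecurityException {
        SecretKeySpec key = keyFromToken(issuedToken);
        String entry = decrypt(key, encryptedEntry);
        boolean ok = entry.equals(issuedToken + "&username=alice&password=correct-horse");
        return encrypt(key, ok ? "login success" : "login failure");
    }

    // S304-S307 for one case: splice, encrypt, call, decrypt, compare with expected.
    static boolean runCase(String token, String params, String expected)
            throws GeneralSecurityException {
        SecretKeySpec key = keyFromToken(token);
        String entry = token + "&" + params;            // assumed splice format
        String reply = mockLoginInterface(token, encrypt(key, entry));
        return expected.equals(decrypt(key, reply));
    }

    static String verdict(boolean pass) { return pass ? "PASS" : "FAIL"; }

    public static void main(String[] args) throws Exception {
        String token = "constructed-token-0123456789abcdef";   // constructed sample
        System.out.println("valid credentials -> " + verdict(runCase(token,
                "username=alice&password=correct-horse", "login success")));
        System.out.println("wrong password    -> " + verdict(runCase(token,
                "username=alice&password=wrong", "login failure")));
        // Failure mode: the test tool still holds a stale token, so its key differs.
        String reply = encrypt(keyFromToken(token), "login success");
        try {
            decrypt(keyFromToken("constructed-stale-fedcba9876543210"), reply);
            System.out.println("stale token       -> decrypted (unexpected)");
        } catch (GeneralSecurityException e) {
            System.out.println("stale token       -> decryption rejected");
        }
    }
}
```

Because the key is a substring of the token, the token held in the test tool is key material and should be kept out of saved sample results and logs.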
The method of the embodiment of the present application is explained in detail above, and the following provides a testing apparatus of the encryption interface related to the embodiment of the present application. Referring to fig. 4, fig. 4 is a schematic structural diagram of a testing apparatus for an encryption interface according to an embodiment of the present disclosure. The test apparatus 40 of the encryption interface may include an acquisition unit 401, a generation unit 402, an encryption unit 403, a reception unit 404, and a decryption unit 405.
An obtaining unit 401, configured to obtain a token corresponding to an interface to be tested, and store the token in a test tool;
a generating unit 402, configured to generate entry information according to the token and the interface entry of the interface to be tested;
an encryption unit 403, configured to call the Advanced Encryption Standard (AES) encryption/decryption package and the token stored in the test tool, and encrypt the entry information;
a receiving unit 404, configured to input the encrypted entry information to the interface to be tested, and receive an encrypted return result fed back by the interface to be tested;
a decryption unit 405, configured to invoke the AES encryption/decryption package, decrypt the encrypted return result to obtain a plaintext return result, and determine a test result of the interface to be tested based on the return result.
In a possible implementation manner, the decryption unit 405 is specifically configured to:
comparing the returned result with an expected result corresponding to the entry information, and if the returned result is the same as the expected result, determining that the returned result is correct and that the test result of the interface to be tested is a test pass; and if the returned result is different from the expected result, determining that the returned result is incorrect and that the test result of the interface to be tested is a test failure.
In a possible implementation manner, the obtaining unit 401 is specifically configured to:
sending a request to the interface to be tested to acquire the return information of the interface to be tested;
and obtaining the token from the return information through a regular expression extractor.
In a possible implementation manner, the encryption unit 403 is specifically configured to:
extracting part or all of the token;
calling the AES encryption and decryption package placed in the test tool, and encrypting the entry information by using part or all of the token as an encryption key.
In a possible implementation manner, the decryption unit 405 is specifically configured to:
calling the AES encryption and decryption package, and using part or all of the token as a decryption key to decrypt the encrypted return result.
In one possible implementation, the apparatus 40 further includes:
a setting unit 406, configured to set, by using the testing tool, the number of concurrent users corresponding to the interface to be tested; the interface to be tested comprises one or more of a login interface, a conversion rate interface and a permission configuration interface.
In one possible implementation, the AES encryption/decryption package is stored under the lib directory of the test tool; the test tool is JMeter.
It should be noted that implementation of each operation may also correspond to corresponding description of the method embodiments shown in fig. 2 and fig. 3, and details are not described here again.
Referring to fig. 5, fig. 5 is a schematic structural diagram of a computer device according to an embodiment of the present disclosure, where the computer device 50 includes at least one processor 501, at least one memory 502, and at least one communication interface 503. In addition, the device may also include common components such as an antenna, which will not be described in detail herein.
The processor 501 may be a general purpose Central Processing Unit (CPU), a microprocessor, an application-specific integrated circuit (ASIC), or one or more integrated circuits for controlling the execution of programs according to the above schemes.
The communication interface 503 is used for communicating with other devices or communication networks, such as Ethernet, a Radio Access Network (RAN), a core network, Wireless Local Area Networks (WLAN), etc.
The memory 502 may be, but is not limited to, a Read-Only Memory (ROM) or other type of static storage device that can store static information and instructions, a Random Access Memory (RAM) or other type of dynamic storage device that can store information and instructions, an Electrically Erasable Programmable Read-Only Memory (EEPROM), a Compact Disc Read-Only Memory (CD-ROM) or other optical disc storage (including compact disc, laser disc, optical disc, digital versatile disc, Blu-ray disc, etc.), magnetic disk storage media or other magnetic storage devices, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer. The memory may be self-contained and coupled to the processor via a bus. The memory may also be integral to the processor.
The memory 502 is used for storing application program codes for executing the above scheme, and is controlled by the processor 501 for execution. The processor 501 is used to execute application program code stored in the memory 502.
The code stored in the memory 502 may perform the testing method of the encryption interface provided in fig. 2 or fig. 3. For example, the computer device 50 may obtain a token corresponding to the interface to be tested and store the token in the testing tool; generate entry information according to the token and the interface entry of the interface to be tested; call the Advanced Encryption Standard (AES) encryption and decryption package and the token stored in the test tool to encrypt the entry information; input the encrypted entry information to the interface to be tested, and receive an encrypted return result fed back by the interface to be tested; and call the AES encryption and decryption package, decrypt the encrypted return result to obtain a plaintext return result, and determine the test result of the interface to be tested based on the return result.
It should be noted that, for the functions of the functional units in the computer device 50 described in the embodiment of the present application, reference may be made to the corresponding descriptions of the method embodiments shown in fig. 2 and fig. 3, and details are not described here again.
In this application, the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiments of the present application.
In addition, functional components in the embodiments of the present application may be integrated into one component, or each component may exist alone physically, or two or more components may be integrated into one component. The integrated components can be realized in a form of hardware or a form of software functional units.
The integrated components, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application, in essence or in the part that contributes to the prior art, or all or part of the technical solution, may be embodied in the form of a software product, which is stored in a storage medium and includes several instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method described in the embodiments of the present application. The aforementioned storage medium includes various media capable of storing program code, such as a USB disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
While the invention has been described with reference to specific embodiments, the scope of the invention is not limited thereto, and those skilled in the art can easily conceive various equivalent modifications or substitutions within the technical scope of the invention. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.
It should be understood that, in the various embodiments of the present application, the sequence numbers of the above-mentioned processes do not mean the execution sequence, and the execution sequence of each process should be determined by its function and inherent logic, and should not constitute any limitation to the implementation process of the embodiments of the present application. While the present application has been described herein in conjunction with various embodiments, other variations to the disclosed embodiments may be understood and effected by those skilled in the art in practicing the present application as claimed herein.

Claims (10)

1. A testing method for an encryption interface, characterized by comprising the following steps:
obtaining a token corresponding to an interface to be tested, and storing the token into a testing tool;
generating entry information according to the token and the interface entry of the interface to be tested;
calling an Advanced Encryption Standard (AES) encryption and decryption package and the token stored in the test tool to encrypt the entry information;
inputting the encrypted entry information to the interface to be tested, and receiving an encrypted return result fed back by the interface to be tested;
calling the AES encryption and decryption package, decrypting the encrypted return result to obtain a plaintext return result, and determining the test result of the interface to be tested based on the return result.
2. The method of claim 1, wherein said determining a test result for the interface under test based on the returned result comprises:
comparing the returned result with an expected result corresponding to the entry information, and if the returned result is the same as the expected result, determining that the returned result is correct and that the test result of the interface to be tested is a test pass; and if the returned result is different from the expected result, determining that the returned result is incorrect and that the test result of the interface to be tested is a test failure.
3. The method of claim 1, wherein obtaining the token corresponding to the interface to be tested comprises:
sending a request to the interface to be tested to acquire the return information of the interface to be tested;
and obtaining the token from the return information through a regular expression extractor.
4. The method of claim 1, wherein the calling of the AES encryption/decryption package and the token stored in the test tool to encrypt the entry information comprises:
extracting part or all of the token;
calling the AES encryption and decryption package placed in the test tool, and encrypting the entry information by using part or all of the token as an encryption key.
5. The method of claim 4, wherein calling the AES encryption/decryption package to decrypt the encrypted return result comprises:
calling the AES encryption and decryption package, and using part or all of the token as a decryption key to decrypt the encrypted return result.
6. The method of claim 1, further comprising:
setting the number of concurrent users corresponding to the interface to be tested through the testing tool; the interface to be tested comprises one or more of a login interface, a conversion rate interface and a permission configuration interface.
7. The method of claim 1, wherein the AES encryption/decryption package is stored under a lib directory of the test tool; the test tool is JMeter.
8. An encryption interface testing apparatus, comprising:
an obtaining unit, configured to obtain a token corresponding to an interface to be tested and store the token into a test tool;
a generating unit, configured to generate entry information according to the token and the interface entry of the interface to be tested;
an encryption unit, configured to call an Advanced Encryption Standard (AES) encryption and decryption package and the token stored in the test tool, and encrypt the entry information;
a receiving unit, configured to input the encrypted entry information to the interface to be tested and receive an encrypted return result fed back by the interface to be tested;
and a decryption unit, configured to call the AES encryption and decryption package, decrypt the encrypted return result to obtain a plaintext return result, and determine the test result of the interface to be tested based on the return result.
9. A computer device, characterized by comprising a processing component, a storage component and a communication module component which are connected with each other, wherein the storage component is used for storing a computer program, and the communication module component is used for information interaction with external devices; the processing component is configured to invoke the computer program to perform the method of any of claims 1-7.
10. A computer-readable storage medium, characterized in that the computer-readable storage medium stores a computer program which is executed by a processor to implement the method of any one of claims 1-7.
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011550889.2A CN112685293A (en) 2020-12-24 2020-12-24 Testing method of encryption interface and related equipment

Publications (1)

Publication Number Publication Date
CN112685293A true CN112685293A (en) 2021-04-20

Family

ID=75452556

Country Status (1)

Country Link
CN (1) CN112685293A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination